Free Fortinet NSE8_812 Exam Questions

Question 1

On a FortiGateConfigured in Transparent mode, which configuration option allows you to control Multicast

traffic passing through the?

A :

B :

C :

D :

Answer: C

Question 2

Refer to the exhibits, which show a network topology and VPN configuration.A network administrator has been tasked with modifying the existing dial-up IPsec VPN infrastructure to detect the path quality to the remote endpoints. After applying the configuration shown in the configuration exhibit, the VPN clients can still connect and access the protected 172.16.205.0/24 network, but no SLA information shows up for the client tunnels when issuing the diagnose sys link-monitor tunnel all command on the FortiGate CLI. What is wrong with the configuration?

A : SLA link monitoring does not work with the net-device setting.

B : The admin needs to disable the mode-cfg setting.

C : IPsec Phase1 Interface has to be configured in IPsec main mode.

D : It is necessary to use the IKEv2 protocol in this situation.

Answer: A

Question 3

You are troubleshooting a FortiMail Cloud service integrated with Office 365 where outgoing emails are notreaching the recipients' mail What are two possible reasons for this problem? (Choose two.)

A : The FortiMail access control rule to relay from Office 365 servers FQDN is missing.

B : The FortiMail DKIM key was not set using the Auto Generation option.

C : The FortiMail access control rules to relay from Office 365 servers public IPs are missing.

D : A Mail Flow connector from the Exchange Admin Center has not been set properly to the FortiMail Cloud FQDN.

Answer: C,D

Question 4

Refer to the exhibits, which show a network topology and VPN configuration.A network administrator has been tasked with modifying the existing dial-up IPsec VPN infrastructure to detect the path quality to the remote endpoints. After applying the configuration shown in the configuration exhibit, the VPN clients can still connect and access the protected 172.16.205.0/24 network, but no SLA information shows up for the client tunnels when issuing the diagnose sys link-monitor tunnel all command on the FortiGate CLI. What is wrong with the configuration?

A : SLA link monitoring does not work with the net-device setting.

B : The admin needs to disable the mode-cfg setting.

C : IPsec Phase1 Interface has to be configured in IPsec main mode.

D : It is necessary to use the IKEv2 protocol in this situation.

Answer: A

Question 5

Refer to the exhibit.

A customer wants FortiClient EMS configured to deploy to 1500 endpoints. The deployment will be integrated

with FortiOS and there is an Active Directory server.

Given the configuration shown in the exhibit, which two statements about the installation are correct? (Choose

two.)

A : no client update time is specified on EMS, the user will be able to choose the time of installation if they wish to delay.

B : client can be eligible for multiple enabled configurations on the EMS server, and one will be chosen based on first priority

C : u can only deploy initial installations to Windows clients.

D : u must use Standard or Enterprise SQL Server rather than the included SQL Server Express

E : Windows clients only require "File and Printer Sharing0 allowed and the rest is handled by Active Directory group policy

Answer: B,C